Ai-je été attaquée par beagle?

Carine55 · le 7 juin 2010

Bonjour,

Je pense avoir été attaquée par un ver beagle. En effet je n'ai pas accès au WIFI alors que la fonction est bien active sur mon pc portable.

Le WLAN comportait une erreur et quand je voulait le démarrer dans le registre ça ne fonctionnait pas. J'ai regardé les dépendance et il me semble que le EapHost ait disparu... Quelqu'un pourrait-il m'aider à résoudre ce problème?

Par contre, je préfère vous prévenir je suis totalement novice et par conséquent il faut être le plus explicite avec moi.

Par avance, merci pour votre aide.

Bonne journée,

Carine

Apollo · le 7 juin 2010

Bonsoir,

On va voir ça.

Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.

Double-clique sur RSIT.exe afin de lancer RSIT.

Important :
* Sous Vista : il faut lancer le fichier par clic-droit -> Exécuter en tant qu'administrateur

* Sous Windows 7 : Il faut mettre le fichier RSIT.exe sur le bureau, faire un clic droit dessus et dans Propriétés, onglet Compatibilité, cocher la case "Exécuter ce programme en mode compatibilité pour" et dans le menu choisir Vista SP2 et la case dans Niveau de privilège.
Valide par Appliquer.
Clique Continue à l'écran Disclaimer.
Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).

@++

Carine55 · le 7 juin 2010

Bonsoir

Voici les documents demandés:

LOG :

Logfile of random's system information tool 1.07 (written by random/random)

Run by Carine at 2010-06-07 22:13:37

Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2

System drive C: has 71 GB (49%) free of 144 GB

Total RAM: 2046 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 22:14:03, on 07/06/2010

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18904)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Windows\BisonCam\BisonHK.exe

C:\Program Files\Power Manager\PM.exe

C:\Program Files\Realtek Semiconductor Corp\Realtek Card Reader Monitor\CardReaderMonitor.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\Picasa2\PicasaMediaDetector.exe

C:\Program Files\M6Video\M6video.exe

C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe

C:\Windows\ehome\ehtray.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe

C:\Program Files\Windows Media Player\WMPNSCFG.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10e.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Carine\Desktop\RSIT.exe

C:\Program Files\trend micro\Carine.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll

R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll

O1 - Hosts: ::1 localhost

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: IEHlprObj Class - {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Program Files\iWin Games\iWinGamesHookIE.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll

O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\YTSingleInstance.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll

O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [bisonHK] C:\Windows\BisonCam\BisonHK.exe

O4 - HKLM\..\Run: [PowerManager] C:\Program Files\Power Manager\PM.exe

O4 - HKLM\..\Run: [CardReaderMonitor] C:\Program Files\Realtek Semiconductor Corp.\Realtek Card Reader Monitor\CardReaderMonitor.exe

O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe

O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe

O4 - HKLM\..\Run: [m6] C:\Program Files\M6Video\M6video.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"

O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

O4 - HKCU\..\Run: [smpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe

O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (User 'Default user')

O4 - Global Startup: Bluetooth Manager.lnk = ?

O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O16 - DPF: {049A470D-F818-4E34-B14D-E4E237DADCF8} (CPlayFirstFashionDasControl Object) - http://gamenextfr.oberon-media.com/gameshe...eb.1.0.0.21.cab

O16 - DPF: {195B4BBF-E1E4-4020-9773-0A8C6F65EA35} (CPlayFirstCookingDasControl Object) - http://gamenextfr.oberon-media.com/gameshe...web.1.0.0.9.cab

O16 - DPF: {2D168880-539F-4967-BA11-F7C2862B9E1D} (CPlayFirstDiaperDashControl Object) - http://gamenextfr.oberon-media.com/gameshe...web.1.0.0.4.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {8ADC4409-4FBF-4224-B73F-2392C721BCB4} (GenimoWebGames Control) - http://games.bigfishgames.com/fr_butterfly...amesControl.cab

O16 - DPF: {935F9B04-0C7B-4454-A391-348C54AD7ADD} (Jolly Bear Games Player) - http://games.bigfishgames.com/fr_bigcityad...BGamePlayer.cab

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game05.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/a...zylomloader.cab

O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://gamenextfr.oberon-media.com/Gameshe...ronGameHost.cab

O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/webgames/popcaploader_v10_fr.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe

O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe

O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (BthServ) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe

O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe

O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe

O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: iWinTrusted - iWin Inc. - C:\Program Files\iWin Games\iWinTrusted.exe

O23 - Service: Isolation de clé CNG (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe

O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe

O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe

O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe

O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Protocole de résolution de noms d'homologues (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe

O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe

O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe

O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe

O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe

O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: User Privilege Service (usprserv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe

O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe

O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe

O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--

End of file - 27613 bytes

======Scheduled tasks folder======

C:\Windows\tasks\EasyShare Registration Task.job

C:\Windows\tasks\Extension de garantie.job

C:\Windows\tasks\Recovery DVD Creator.job

C:\Windows\tasks\User_Feed_Synchronization-{98737E56-46A9-4811-82C2-35DB16CDA872}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]

&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll [2009-09-20 1172280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8CA5ED52-F3FB-4414-A105-2E3491156990}]

IEHlprObj Class - C:\Program Files\iWin Games\iWinGamesHookIE.dll [2010-01-21 141312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-02-07 251504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-02-07 657904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]

Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-02-07 522224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]

CBrowserHelperObject Object - C:\Program Files\Google\Google_BAE\BAE.dll [2006-11-09 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]

SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2008-10-08 1172792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]

SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn4\YTSingleInstance.dll [2009-09-20 158008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll [2009-09-20 1172280]

{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2008-10-08 1172792]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-02-07 251504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-02-09 845360]

"BisonHK"=C:\Windows\BisonCam\BisonHK.exe [2007-05-16 73728]

"PowerManager"=C:\Program Files\Power Manager\PM.exe [2007-05-16 29696]

"CardReaderMonitor"=C:\Program Files\Realtek Semiconductor Corp.\Realtek Card Reader Monitor\CardReaderMonitor.exe [2007-07-25 643072]

""= []

"RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2007-01-11 232184]

"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-02-12 30192]

"Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe [2007-02-21 366400]

"toolbar_eula_launcher"=C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe [2007-02-20 28672]

"m6"=C:\Program Files\M6Video\M6video.exe [2007-07-24 1444352]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-03-28 413696]

"YSearchProtection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2009-02-03 111856]

"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-03-18 207360]

"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-03-21 202256]

"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-07-21 86016]

"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-07-21 8433664]

"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-07-21 81920]

""= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []

"SmpcSys"=C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe [2007-07-19 1120568]

"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]

"YSearchProtection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2009-02-03 111856]

"Messenger (Yahoo!)"=C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe [2010-02-17 5244216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPService]

C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe [2007-06-13 102400]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

Logiciel Kodak EasyShare.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-06-07 22:13:37 ----D---- C:\rsit

2010-06-07 12:17:01 ----D---- C:\Program Files\TweakUAC

2010-05-29 19:42:05 ----A---- C:\Windows\system32\tzres.dll

2010-05-15 08:41:07 ----A---- C:\Windows\system32\inetcomm.dll

2010-05-15 08:40:55 ----A---- C:\Windows\system32\winhttp.dll

2010-05-09 15:01:22 ----A---- C:\Windows\system32\kerberos.dll

2010-05-09 15:01:19 ----A---- C:\Windows\system32\schannel.dll

======List of files/folders modified in the last 1 months======

2010-06-07 22:14:03 ----D---- C:\Program Files\Trend Micro

2010-06-07 22:13:44 ----D---- C:\Windows\Temp

2010-06-07 19:12:33 ----D---- C:\Users\Carine\AppData\Roaming\Skype

2010-06-07 18:05:03 ----D---- C:\Users\Carine\AppData\Roaming\skypePM

2010-06-07 18:02:40 ----AD---- C:\ProgramData\TEMP

2010-06-07 12:46:47 ----HD---- C:\ProgramData

2010-06-07 12:46:30 ----HD---- C:\Windows\system32\GroupPolicy

2010-06-07 12:17:01 ----RD---- C:\Program Files

2010-06-07 10:39:57 ----D---- C:\Program Files\iWin.com

2010-06-07 09:36:06 ----D---- C:\Windows

2010-06-06 15:34:33 ----D---- C:\Users\Carine\AppData\Roaming\iWin

2010-06-06 15:34:33 ----D---- C:\ProgramData\iWin

2010-06-05 12:11:06 ----D---- C:\Program Files\Microsoft Silverlight

2010-06-05 09:35:59 ----SHD---- C:\System Volume Information

2010-06-05 08:59:45 ----SHD---- C:\Windows\Installer

2010-06-05 08:59:45 ----SD---- C:\ProgramData\Microsoft

2010-06-04 21:51:40 ----D---- C:\Windows\rescache

2010-06-04 21:36:09 ----D---- C:\Windows\winsxs

2010-06-04 21:36:08 ----D---- C:\Windows\system32\fr-FR

2010-06-04 21:36:07 ----AD---- C:\Windows\System32

2010-06-04 21:34:28 ----D---- C:\Program Files\Internet Explorer

2010-05-30 19:59:36 ----D---- C:\Windows\Prefetch

2010-05-30 17:05:28 ----D---- C:\Windows\inf

2010-05-30 17:05:28 ----A---- C:\Windows\system32\PerfStringBackup.INI

2010-05-30 10:58:36 ----D---- C:\Windows\system32\drivers

2010-05-30 10:26:56 ----D---- C:\Windows\system32\config

2010-05-30 10:26:50 ----RSD---- C:\Windows\Fonts

2010-05-30 10:26:49 ----D---- C:\Windows\Tasks

2010-05-30 10:26:49 ----D---- C:\Windows\system32\Tasks

2010-05-30 10:26:49 ----D---- C:\Windows\system32\spool

2010-05-30 10:26:49 ----D---- C:\Windows\system32\Msdtc

2010-05-30 10:26:49 ----D---- C:\Windows\system32\CodeIntegrity

2010-05-30 10:26:43 ----D---- C:\Windows\system32\wbem

2010-05-30 10:26:43 ----D---- C:\Windows\registration

2010-05-30 10:01:47 ----D---- C:\Windows\system32\catroot2

2010-05-30 09:36:36 ----SD---- C:\Users\Carine\AppData\Roaming\Microsoft

2010-05-29 19:11:00 ----D---- C:\Windows\system32\catroot

2010-05-29 09:25:04 ----D---- C:\Windows\Minidump

2010-05-21 14:14:28 ----N---- C:\Windows\system32\MpSigStub.exe

2010-05-16 13:27:23 ----D---- C:\Program Files\Windows Mail

2010-05-16 10:02:35 ----D---- C:\ProgramData\Microsoft Help

2010-05-15 10:30:14 ----D---- C:\ProgramData\VirtualFarm

2010-05-14 23:29:07 ----D---- C:\ProgramData\airportmania

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]

R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-25 114768]

R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]

R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2007-05-24 64000]

R1 WINIO;WINIO; \??\C:\Windows\system32\WinIo.sys [2007-01-04 9336]

R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]

R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 53328]

R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-05-22 271360]

R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-05-22 18048]

R3 Cam5607;Bison WebCam; C:\Windows\System32\Drivers\BisonC07.sys [2007-07-23 971944]

R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]

R3 GEARAspiWDM;GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]

R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-04-12 160768]

R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-03-06 1059112]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-07-21 7138272]

R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-02-16 12032]

R3 RTL8187B;Realtek RTL8187B Wireless 802.11g 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8187B.sys [2007-06-08 253952]

R3 RTSTOR;USB Mass Storage Device; C:\Windows\system32\drivers\RTSTOR.SYS [2007-06-15 47616]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-02-09 182456]

R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2006-10-10 41600]

R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2007-04-24 113920]

R3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]

R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2007-03-01 73728]

R3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]

R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2007-06-11 41856]

R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]

S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2006-11-02 19456]

S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]

S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2006-11-02 220160]

S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2006-11-02 29184]

S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]

S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]

S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]

S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]

S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]

S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-19 8192]

S3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2006-11-02 132352]

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]

S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]

R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]

R2 iWinTrusted;iWinTrusted; C:\Program Files\iWin Games\iWinTrusted.exe [2010-04-14 78104]

R2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2007-01-11 166648]

R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]

R2 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]

R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]

R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]

S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []

S3 Boonty Games;Boonty Games; C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe [2009-05-16 69120]

S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]

S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-02-12 30192]

S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-07 137200]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-01-11 887544]

S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-09-14 73728]

S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-19 21504]

-----------------EOF-----------------

et l'info:

info.txt logfile of random's system information tool 1.06 2010-06-07 22:14:20

======Uninstall list======

-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE

-->MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}

-->MsiExec.exe /I{0D330013-4A99-46D6-83C6-2C959C68DBFF}

-->MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}

-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}

-->MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}

-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}

-->MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}

-->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}

2 Tasty-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\am-2tasty.rguninst" "AddRemove"

Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE

Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}

Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}

Adobe Reader 8-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AdobeReader*

Adobe Shockwave Player-->MsiExec.exe /X{A7DB362E-16DC-4E29-8A34-E74381E00B5B}

ADSL Neuf-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *NEUF_FR*

ALSong-->"C:\Program Files\ESTsoft\ALSong\unins000.exe"

ALTools Update-->"C:\Program Files\ESTsoft\ALUpdate\unins000.exe"

Antique Shop (supprimer)-->"C:\Program Files\iWin.com\Antique Shop\Uninstall.exe"

Apple Software Update-->MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}

ArcSoft Print Creations - Album Page-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x40c -1AlbumPage

ArcSoft Print Creations - Funhouse-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x40c -1Funhouse

ArcSoft Print Creations - Greeting Card-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x40c -1GreetingCard

ArcSoft Print Creations - Photo Book-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x40c -1PhotoBook

ArcSoft Print Creations - Photo Calendar-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x40c -1Calendar

ArcSoft Print Creations - Scrapbook-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x40c -1ScrapBook

ArcSoft Print Creations - Slimline Card-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x40c -1Slimline

ArcSoft Print Creations-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x40c

Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}

avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup

Baby Blimp (supprimer)-->"C:\Program Files\iWin.com\Baby Blimp\Uninstall.exe"

Big Fish Games: Game Manager-->C:\Program Files\bfgclient\Uninstall.exe

Bison WebCam-->C:\Program Files\InstallShield Installation Information\{4BB1DCED-84D3-47F9-B718-5947E904593E}\setup.exe -runfromtemp -l0x040c -removeonly

Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}

Browser Address Error Redirector-->regsvr32 /u /s "C:\Program Files\Google\Google_BAE\BAE.dll"

Burger Rush-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\am-burgerrush.rguninst" "AddRemove"

CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"

CCScore-->MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}

CD Audio Reader Filter (remove only)-->"C:\Program Files\CD Audio Reader Filter\uninstall.exe"

City Life 2008-->C:\Program Files\Monte Cristo\City Life\uninst.exe

Cléopâtre-->c:\Nobilis\Cléopâtre\Uninstall.exe

Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_HDAUDIO\UIU32a.exe -U -IFICVENza.inf

Costume Chaos-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\am-costumechaos.rguninst" "AddRemove"

Cradle of Rome (supprimer)-->"C:\Program Files\iWin.com\Cradle of Rome\Uninstall.exe"

Creator 9-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *CREATOR9*

CursorFX-->"C:\ProgramData\{A850D4D9-871B-4234-908D-21C457767270}\CursorFX_public.exe" REMOVE=TRUE MODIFY=FALSE

CursorFX-->C:\ProgramData\{A850D4D9-871B-4234-908D-21C457767270}\CursorFX_public.exe

DC-Bass Source 1.1.1-->"C:\Program Files\DSP-worx\DC-Bass Source\Uninstall.exe"

Delicious: Emily's Tea Garden (supprimer)-->"C:\Program Files\iWin.com\Delicious Emily's Tea Garden\Uninstall.exe"

Detective Agency-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\amg-detectiveagency.rguninst" "AddRemove"

DirectVobSub (remove only)-->"C:\Program Files\DirectVobSub\uninstall.exe"

DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN

Dream Day Wedding: Bella Italia (supprimer)-->"C:\Program Files\iWin.com\Dream Day Wedding Bella Italia\Uninstall.exe"

DScaler 5 Mpeg Decoders-->"C:\Program Files\DScaler5\unins000.exe"

ESSBrwr-->MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}

ESSCDBK-->MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}

ESScore-->MsiExec.exe /I{42938595-0D83-404D-9F73-F8177FDD531A}

ESSgui-->MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}

ESSini-->MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}

ESSPCD-->MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}

ESSPDock-->MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}

ESSTOOLS-->MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}

essvatgt-->MsiExec.exe /I{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}

EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"

Fairy Godmother Tycoon (supprimer)-->"C:\Program Files\iWin.com\Fairy Godmother Tycoon\Uninstall.exe"

Farm Frenzy 3 (supprimer)-->"C:\Program Files\iWin.com\Farm Frenzy 3\Uninstall.exe"

Farm Mania-->"C:\Program Files\Farm Mania\Uninstall.exe"

ffdshow [rev 1685] [2007-12-06]-->"C:\Program Files\ffdshow\unins000.exe"

fflink-->MsiExec.exe /I{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}

Firefox-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *FirefoxFR*

Flash Player 9 Internet Explorer-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Flashplayer*

Free - Kit de connexion-->C:\Program Files\Free.fr\uninstall.exe

GearDrvs-->MsiExec.exe /I{206FD69B-F9FE-4164-81BD-D52552BC9C23}

Gemini Lost (supprimer)-->"C:\Program Files\iWin.com\Gemini Lost\Uninstall.exe"

Go-Go Gourmet (supprimer seulement)-->"C:\Program Files\iWin.com\Go-Go Gourmet\Uninstall.exe"

Google BAE-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleBAE*

Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall

Google Earth-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GOOGLE_EARTH*

Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}

Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall

GoogleDesktop-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleDesktop*

GoogleToolbar-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleToolbar*

Haali Media Splitter-->"C:\Program Files\Haali\MatroskaSplitter\uninstall.exe"

HDReg France-->MsiExec.exe /I{0ED40D2A-7131-4FE7-941E-5C329336F712}

Heroes of Hellas (supprimer)-->"C:\Program Files\iWin.com\Heroes of Hellas\Uninstall.exe"

HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall

Horatio's Travels-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\am-horatiostravels.rguninst" "AddRemove"

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""

Incredible Express-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\am-incredibleexpress.rguninst" "AddRemove"

Infocentre Rev. 2.0-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Infocentre*

Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe

Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}

Island Realms (supprimer)-->"C:\Program Files\iWin.com\Island Realms\Uninstall.exe"

iWin Games (remove only)-->"C:\Program Files\iWin Games\Uninstall.exe"

iWizz-->C:\Program Files\iWizz\uninstall.exe

Jane's Realty 2-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\am-janesrealty2.rguninst" "AddRemove"

Java 6 Update 19-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}

Java 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}

Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}

Jewel Quest II (remove only)-->"C:\Program Files\iWin.com Games\Jewel Quest II\Uninstall.exe"

kgcbaby-->MsiExec.exe /I{E18B549C-5D15-45DA-8D8F-8FD2BD946344}

kgchday-->MsiExec.exe /I{11F3F858-4131-4FFA-A560-3FE282933B6E}

kgchlwn-->MsiExec.exe /I{03EDED24-8375-407D-A721-4643D9768BE1}

kgcinvt-->MsiExec.exe /I{9BD54685-1496-46A5-AB62-357CD140ED8B}

kgckids-->MsiExec.exe /I{693C08A7-9E76-43FF-B11E-9A58175474C4}

kgcmove-->MsiExec.exe /I{A1588373-1D86-4D44-86C9-78ABD190F9CC}

kgcvday-->MsiExec.exe /I{8A8664E1-84C8-4936-891C-BC1F07797549}

KnC-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{71C554B9-79B7-4B5A-8AF0-C6E5CBE108CC}\setup.exe" -l0x40c -removeonly

Lemonade Tycoon-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\amg-lemonadetycoon.rguninst" "AddRemove"

Logiciel Kodak EasyShare-->C:\ProgramData\Kodak\EasyShareSetup\$SETUP_140001_500d69\Setup.exe /APR-REMOVE

Logiciel KODAK Gallery Upload-->MsiExec.exe /I{B7F98125-4955-41E3-8A71-4CE11CE9C198}

M6Video version 2.2.16.200-->"C:\Program Files\M6Video\unins000.exe"

Magic Farm (supprimer)-->"C:\Program Files\iWin.com\Magic Farm\Uninstall.exe"

MagicSports 3.5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5927AF0D-335C-41D6-937B-54587EBD6D2C}\setup.exe" -uninstall

Mah Jong Quest (supprimer)-->"C:\Program Files\iWin.com\Mah Jong Quest\Uninstall.exe"

Metaboli-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *METABOLI*

Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"

Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}

Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}

Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL

Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}

Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}

Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}

Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}

Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}

Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}

Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}

Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}

Microsoft Works 9 SE-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *works9se*

Microsoft Works-->MsiExec.exe /I{0214A441-A4AB-43A8-8DEF-2F73C5364673}

Microsoft® Office Trial 2007-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *OFF2k7_FR*

Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}

Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}

Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}

Miss Management (supprimer)-->"C:\Program Files\iWin.com\Miss Management\Uninstall.exe"

Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}

Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe

Mozilla Firefox (3.5.9)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

My Kingdom for the Princess (supprimer)-->"C:\Program Files\iWin.com\My Kingdom for the Princess\Uninstall.exe"

National Geographic DogTown (supprimer)-->"C:\Program Files\iWin.com\National Geographic DogTown\Uninstall.exe"

netbrdg-->MsiExec.exe /I{4537EA4B-F603-4181-89FB-2953FC695AB1}

Norton 360-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *N360_2007_FR*

Norton 360-->MsiExec.exe /I{63A6E9A9-A190-46D4-9430-2DB28654AFD8}

NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI

OfotoXMI-->MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}

OpenOffice.org 3.1-->MsiExec.exe /I{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}

OpenSource Flash Video Splitter (remove only)-->"C:\Program Files\OpenSource Flash Video Splitter\uninstall.exe"

Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}

Packard Bell Demo-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *PB_DEMO*

Packard Bell ImageWriter-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *ImageWriter*

Packard Bell LCD Test-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *LCDTest*

Packard Bell Updator-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Updator*

Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"

Picasa2-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Picasa_2*

Power Manager 2.1.10-->"C:\Program Files\Power Manager\unins000.exe"

QuickTime-->MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}

Rachel's Retreat (supprimer)-->"C:\Program Files\iWin.com\Rachel's Retreat\Uninstall.exe"

Radio Media Player-->C:\Program Files\Windows Media Player\Plugins\Radios Media Player\uninst.exe

Ranch Rush (supprimer)-->"C:\Program Files\iWin.com\Ranch Rush\Uninstall.exe"

RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0

Realtek Card Reader Monitor-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D4210CB1-A469-41AF-A619-C97B07FDF6FD}\setup.exe" -l0x9 -removeonly

Realtek USB 2.0 Card Reader-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\setup.exe" -l0x9 -removeonly

REALTEK USB Wireless LAN Driver-->C:\Program Files\InstallShield Installation Information\{7095FD27-37F0-4750-9DE8-D37DC0043706}\SETUP.EXE -v"ISSCRIPTCMDLINE=\"-d -zREMOVE\"" -l0x040c -removeonly

RealUpgrade 1.0-->MsiExec.exe /I{F4F4F84E-804F-4E9A-84D7-C34283F0088F}

Roxio Creator 9 LE-->MsiExec.exe /I{B7FB0C86-41A4-4402-9A33-912C462042A0}

Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}

Security Update for 2007 Microsoft Office System (KB978380)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {667A88D1-0369-4070-A62A-70672D68A9BF}

Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for Microsoft Office Excel 2007 (KB978382)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6DE3DABF-0203-426B-B330-7287D1003E86}

Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}

Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}

Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}

Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

SetUp My PC-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *SETUPMYPC_FR*

SFR-->MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B}

Shaman Odyssey (supprimer)-->"C:\Program Files\iWin.com\Shaman Odyssey\Uninstall.exe"

SHASTA-->MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237}

Shockwave player 10-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Shockwave*

SHOUTcast Source (remove only)-->"C:\Program Files\SHOUTcast Source\uninstall.exe"

skin0001-->MsiExec.exe /I{5316DFC9-CE99-4458-9AB3-E8726EDE0210}

SKINXSDK-->MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}

Skype 3.2.2.163-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *SKYPE*

Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}

Something Special-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\amg-somethingspecial.rguninst" "AddRemove"

staticcr-->MsiExec.exe /I{8943CE61-53BD-475E-90E1-A580869E98A2}

SweetIM Toolbar for Internet Explorer 3.3-->MsiExec.exe /X{266C7330-C0F4-49E5-8F20-A56F9F822875}

Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall

The Clumsys 2-->"C:\Program Files\Jeux.fr\The Clumsys 2\Uninstall.exe" "C:\Program Files\Jeux.fr\The Clumsys 2\install.log"

tooltips-->MsiExec.exe /I{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}

Turbo Fiesta (supprimer)-->"C:\Program Files\iWin.com\Turbo Fiesta\Uninstall.exe"

TweakUAC-->"C:\Program Files\TweakUAC\unins000.exe"

Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}

Update for 2007 Microsoft Office System (KB981715)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {661B3F32-FFE4-4606-AE3A-DFA11DCC0D79}

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""

Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}

Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}

Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}

VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}

Virtual City-->"C:\Program Files\RealArcade\Installer\bin\gameinstaller.exe" "C:\Program Files\RealArcade\Installer\installerMain.clf" "C:\Program Files\RealArcade\Installer\uninstall\am-virtualcity.rguninst" "AddRemove"

Virtual Farm (supprimer)-->"C:\Program Files\iWin.com\Virtual Farm\Uninstall.exe"

VPRINTOL-->MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}

Wedding Dash (supprimer)-->"C:\Program Files\iWin.com\Wedding Dash\Uninstall.exe"

Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}

Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}

Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}

Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

WIRELESS-->MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F}

Yahoo! Extras-->C:\PROGRA~1\Yahoo!\Common\unyext.exe

Yahoo! Install Manager-->C:\Windows\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~2.DLL

Yahoo! Internet Mail-->C:\Windows\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\ymmapi.dll

Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG

Yahoo! Search Protection-->C:\PROGRA~1\Yahoo!\SEARCH~1\UNINST~1.EXE

Yahoo! Software Update-->C:\PROGRA~1\Yahoo!\SOFTWA~1\UNINST~1.EXE

Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE

Zylom Games Player Plugin-->"C:\Program Files\Zylom Games\UninstallPlugin.exe" --uninstall

======Security center information======

AV: Norton 360 (disabled) (outdated)

FW: Norton 360

AS: Windows Defender

AS: Norton 360 (disabled) (outdated)

======System event log======

Computer Name: PC-de-Carine

Event Code: 4376

Message: Servicing a requis un redémarrage pour terminer la définition du package Microsoft-Windows-AutomationAPI-Package-Package-ar-sa-MiniLP(Update) à l’état Installation demandée(Install Requested)

Record Number: 175385

Source Name: Microsoft-Windows-Servicing

Time Written: 20091121074258.000000-000

Event Type: Avertissement

User: AUTORITE NT\SYSTEM

Computer Name: PC-de-Carine

Event Code: 4376

Message: Servicing a requis un redémarrage pour terminer la définition du package KB971513_en-US(Language Pack) à l’état Installation demandée(Install Requested)

Record Number: 175383

Source Name: Microsoft-Windows-Servicing

Time Written: 20091121074258.000000-000

Event Type: Avertissement

User: AUTORITE NT\SYSTEM

Computer Name: PC-de-Carine

Event Code: 4376

Message: Servicing a requis un redémarrage pour terminer la définition du package Microsoft-Windows-AutomationAPI-Package-Package-en-US-MiniLP(Update) à l’état Installation demandée(Install Requested)

Record Number: 175381

Source Name: Microsoft-Windows-Servicing

Time Written: 20091121074258.000000-000

Event Type: Avertissement

User: AUTORITE NT\SYSTEM

Computer Name: PC-de-Carine

Event Code: 4376

Message: Servicing a requis un redémarrage pour terminer la définition du package KB971513(Update) à l’état Installation demandée(Install Requested)

Record Number: 175379

Source Name: Microsoft-Windows-Servicing

Time Written: 20091121074258.000000-000

Event Type: Avertissement

User: AUTORITE NT\SYSTEM

Computer Name: PC-de-Carine

Event Code: 4376

Message: Servicing a requis un redémarrage pour terminer la définition du package KB971513(Update) à l’état Installation demandée(Install Requested)

Record Number: 175341

Source Name: Microsoft-Windows-Servicing

Time Written: 20091121074258.000000-000

Event Type: Avertissement

User: AUTORITE NT\SYSTEM

=====Application event log=====

Computer Name: PC-de-Carine

Event Code: 1530

Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela.

DÉTAIL -

1 user registry handles leaked from \Registry\User\S-1-5-21-1738883225-2360655937-2119004683-1002:

Process 1008 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1738883225-2360655937-2119004683-1002

Record Number: 6306

Source Name: Microsoft-Windows-User Profiles Service

Time Written: 20070915200803.000000-000

Event Type: Avertissement

User: AUTORITE NT\SYSTEM

Computer Name: PC-de-Carine

Event Code: 5007

Message: Impossible d’analyser le fichier cible de la plateforme de signalement de problèmes Windows (fichier DLL contenant la liste des problèmes de l’ordinateur et nécessitant la collecte de données supplémentaires à des fins de diagnostic). Le code d’erreur était : 8014FFF9.

Record Number: 6301

Source Name: WerSvc

Time Written: 20070915181445.000000-000

Event Type: Erreur

User:

Computer Name: PC-de-Carine

Event Code: 1530

Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela.

DÉTAIL -

1 user registry handles leaked from \Registry\User\S-1-5-21-1738883225-2360655937-2119004683-1002_Classes:

Process 1048 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1738883225-2360655937-2119004683-1002_CLASSES

Record Number: 6269

Source Name: Microsoft-Windows-User Profiles Service

Time Written: 20070915173621.000000-000

Event Type: Avertissement

User: AUTORITE NT\SYSTEM

Computer Name: PC-de-Carine

Event Code: 1530

Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela.

DÉTAIL -

1 user registry handles leaked from \Registry\User\S-1-5-21-1738883225-2360655937-2119004683-1002:

Process 1048 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1738883225-2360655937-2119004683-1002

Record Number: 6268

Source Name: Microsoft-Windows-User Profiles Service

Time Written: 20070915173620.000000-000

Event Type: Avertissement

User: AUTORITE NT\SYSTEM

Computer Name: PC-de-Carine

Event Code: 5007

Message: Impossible d’analyser le fichier cible de la plateforme de signalement de problèmes Windows (fichier DLL contenant la liste des problèmes de l’ordinateur et nécessitant la collecte de données supplémentaires à des fins de diagnostic). Le code d’erreur était : 8014FFF9.

Record Number: 6263

Source Name: WerSvc

Time Written: 20070915164948.000000-000

Event Type: Erreur

User:

=====Security event log=====

Computer Name: PC-de-Carine

Event Code: 5038

Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys

Record Number: 48452

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090721064931.410004-000

Event Type: Échec de l'audit

User:

Computer Name: PC-de-Carine

Event Code: 5038

Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys

Record Number: 48451

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090721064931.269604-000

Event Type: Échec de l'audit

User:

Computer Name: PC-de-Carine

Event Code: 5032

Message: Le Pare-feu Windows n’a pas pu notifier l’utilisateur qu’il a empêché une application d’accepter des connexions entrantes sur le réseau.

Code d’erreur : 2

Record Number: 48450

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090721064928.071604-000

Event Type: Échec de l'audit

User:

Computer Name: PC-de-Carine

Event Code: 5024

Message: Le démarrage du service Pare-feu Windows s’est correctement déroulé.

Record Number: 48449

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090721064922.674004-000

Event Type: Succès de l'audit

User:

Computer Name: PC-de-Carine

Event Code: 4624

Message: L’ouverture de session d’un compte s’est correctement déroulée.

Sujet :

ID de sécurité : S-1-0-0

Nom du compte : -

Domaine du compte : -

ID d’ouverture de session : 0x0

Type d’ouverture de session : 3

Nouvelle ouverture de session :

ID de sécurité : S-1-5-7

Nom du compte : ANONYMOUS LOGON

Domaine du compte : AUTORITE NT

ID d’ouverture de session : 0x258ac

GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Informations sur le processus :

ID du processus : 0x0

Nom du processus : -

Informations sur le réseau :

Nom de la station de travail :

Adresse du réseau source : -

Port source : -

Informations détaillées sur l’authentification :

Processus d’ouverture de session : NtLmSsp

Package d’authentification : NTLM

Services en transit : -

Nom du package (NTLM uniquement) : NTLM V1

Longueur de la clé : 0

Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.

- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .

- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.

- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.

- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.

Record Number: 48448

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090721064922.564804-000

Event Type: Succès de l'audit

User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\QuickTime\QTSystem\

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=x86

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"USERNAME"=SYSTEM

"windir"=%SystemRoot%

"PROCESSOR_LEVEL"=15

"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 104 Stepping 1, AuthenticAMD

"PROCESSOR_REVISION"=6801

"NUMBER_OF_PROCESSORS"=2

"RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\

"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip

"QTJAVA"=C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip

-----------------EOF-----------------

Apollo · le 7 juin 2010

Re,

Je ne crois pas que Bagle soit là mais on passera toujours l'outil dédié car il est capable de réparer le wi-fi.

Bagle détruit aussi les antivirus, ce qui ne semble pas être le cas chez toi.

Il y a cependant d'autres infections.

1) Télécharge Ad-Remover de C-XX et Enregistre-le sur le bureau.

Ferme toutes les applications ouvertes pour l'installer.

Sous Vista: Désactiver provisoirement l'UAC comme expliqué ICI

Double-clique (Clic droit/exécuter comme administrateur pour Vista) sur l'icône placée sur le bureau.

Si le firewall se manifeste, accorde les autorisations à l'outil pour qu'il puisse travailler.

Clique sur Scanner.

Le rapport se trouve aussi sous C:\Ad-Report.

Copie/colle-le dans ta réponse stp.

-----------------------------------------------------------------------------------------------

2) Double-clique (Clic droit/exécuter comme administrateur pour Vista) sur l'icône placée sur le bureau.

Si le firewall se manifeste, accorde les autorisations à l'outil pour qu'il puisse travailler.

Clique sur Nettoyer.

Le bureau va disparaitre, c'est normal!

Le rapport se trouve aussi sous C:\Ad-Report Clean.

Copie/colle-le dans ta réponse stp.

Réactiver l'UAC de Vista. (Si Vista bien sûr!).

La page d'accueil sera peut-être changée; il suffit de remettre sa page habituelle via les options internet.

@++

Modifié le 7 juin 2010 par Apollo

Carine55 · le 8 juin 2010

Bonjour,

Voici le premier rapport :

.

======= RAPPORT D'AD-REMOVER 2.0.0.0,D | UNIQUEMENT XP/VISTA/7 =======

.

Mis à jour par C_XX le 19/05/10 à 19:20

Contact: AdRemover.contact@gmail.com

Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html

.

Lancé à: 10:11:46 le 08/06/2010 | Mode normal | Option: SCAN

Exécuté de: C:\Ad-Remover\ADR.exe

SE: Microsoft® Windows Vista™ Édition Familiale Premium (Service Pack 2 - X86)

Nom du PC: PC-DE-CARINE (PACKARD BELL BV EasyNote_SJ81)

Utilisateur actuel: Carine

.

============== ÉLÉMENT(S) TROUVÉ(S) ==============

.

C:\Program Files\GamesBar

C:\Program Files\iWin Games

C:\Program Files\SweetIM

C:\ProgramData\iWin

C:\ProgramData\iWin Games

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iWin Games

C:\ProgramData\Trymedia

C:\Users\Carine\AppData\Local\Temp\iWinGames

C:\Users\Carine\AppData\LocalLow\SweetIM

C:\Users\Carine\AppData\Roaming\iWin

C:\Users\Carine\AppData\Roaming\Mozilla\FireFox\Profiles\8vyu5nil.default\searchplugins\sweetim.xml

C:\Users\Carine\AppData\Roaming\Mozilla\FireFox\Profiles\8vyu5nil.default\SweetIMToolbarData

C:\Users\Carine\Desktop\SweetImSetup.exe

C:\Users\Public\Desktop\Play iWin Games.lnk

C:\Users\Public\Documents\iWin

C:\Windows\Downloaded Program Files\Popcaploader.dll

C:\Windows\Downloaded Program Files\Popcaploader.inf

.

HKCU\Software\iWinArcade

HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8CA5ED52-F3FB-4414-A105-2E3491156990}

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A0AADCD-3A72-4B5F-900F-E3BB5A838E2A}

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8CA5ED52-F3FB-4414-A105-2E3491156990}

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC4FFE41-DE9F-46fa-B455-AAD49B9F9938}

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847}

HKCU\Software\PopCap

HKCU\Software\SWEETIE

HKCU\Software\SweetIM

HKCU\Software\Trymedia Systems

HKLM\Software\Classes\CLSID\{098135FF-6FF1-3893-DA1A-31DB8BB1A00E}

HKLM\Software\Classes\CLSID\{635ADC07-6F19-42a7-8043-EDD19678CE14}

HKLM\Software\Classes\CLSID\{8CA5ED52-F3FB-4414-A105-2E3491156990}

HKLM\Software\Classes\CLSID\{9B891343-654E-4301-800B-1803B17A61EF}

HKLM\Software\Classes\CLSID\{ED03B43A-FB7D-46C0-CCFE-FB43CEBB5B8A}

HKLM\Software\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}

HKLM\Software\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}

HKLM\Software\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}

HKLM\Software\Classes\IEHlprObj.IEHlprObj

HKLM\Software\Classes\IEHlprObj.IEHlprObj.1

HKLM\Software\Classes\Interface\{3B16338D-AFD9-46FF-8BEE-4FEC95946937}

HKLM\Software\Classes\Interface\{3E3EF583-8811-4D6F-8EFD-68B2ECD040C0}

HKLM\Software\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}

HKLM\Software\Classes\iwin

HKLM\Software\Classes\iWinSupport.iWinSupport

HKLM\Software\Classes\iWinSupport.iWinSupport.1

HKLM\Software\Classes\iWinTrusted.CoiWinTrusted

HKLM\Software\Classes\iWinTrusted.CoiWinTrusted.1

HKLM\Software\Classes\popcaploader.popcaploaderctrl2

HKLM\Software\Classes\popcaploader.popcaploaderctrl2.1

HKLM\Software\Classes\SWEETIE.IEToolbar

HKLM\Software\Classes\SWEETIE.IEToolbar.1

HKLM\Software\Classes\SWEETIE.SWEETIE

HKLM\Software\Classes\SWEETIE.SWEETIE.3

HKLM\Software\Classes\Toolbar3.SWEETIE

HKLM\Software\Classes\Toolbar3.SWEETIE.1

HKLM\Software\Classes\TypeLib\{44E6B68E-8DA5-4093-921B-7275E5B3906A}

HKLM\Software\Classes\TypeLib\{495874FE-4A82-4AD1-9476-0B957E0B95EB}

HKLM\Software\Classes\TypeLib\{511FEB59-57D5-4B0C-AE92-ABBA854413AF}

HKLM\Software\Classes\TypeLib\{8EE3F31F-7498-4A88-9727-299EAFF24150}

HKLM\Software\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}

HKLM\Software\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}

HKLM\Software\GamesBarSetup

HKLM\Software\iWinArcade

HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8CA5ED52-F3FB-4414-A105-2E3491156990}

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}

HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{266C7330-C0F4-49E5-8F20-A56F9F822875}

HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\iWinArcade

HKLM\Software\SweetIM

HKLM\Software\Trymedia Systems

HKU\.DEFAULT\Software\iWinArcade

HKU\S-1-5-18\Software\iWinArcade

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{EEE6C35B-6118-11DC-9C72-001320C79847}

HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{EEE6C35D-6118-11DC-9C72-001320C79847}

HKLM\Software\Microsoft\Internet Explorer\Toolbar|{EEE6C35B-6118-11DC-9C72-001320C79847}

.

============== SCAN ADDITIONNEL ==============

.

* Mozilla FireFox Version 3.5.9 (fr) *

.

C:\Users\Carine\..\8vyu5nil.default\prefs.js - browser.download.dir: C:\\Users\\Carine\\Downloads

C:\Users\Carine\..\8vyu5nil.default\prefs.js - browser.download.lastDir: C:\\Users\\Carine\\Desktop

C:\Users\Carine\..\8vyu5nil.default\prefs.js - browser.search.defaultenginename: Yahoo

C:\Users\Carine\..\8vyu5nil.default\prefs.js - browser.search.defaulturl: hxxp://fr.search.yahoo.com/search?fr=ffsp1&p=

C:\Users\Carine\..\8vyu5nil.default\prefs.js - browser.search.selectedEngine: Yahoo!

C:\Users\Carine\..\8vyu5nil.default\prefs.js - browser.startup.homepage: hxxp://www.google.fr

C:\Users\Carine\..\8vyu5nil.default\prefs.js - browser.startup.homepage_override.mstone: rv:1.9.1.9

C:\Users\Carine\..\8vyu5nil.default\prefs.js - keyword.URL: hxxp://fr.search.yahoo.com/search?fr=ffds1&p=

C:\Users\Carine\..\8vyu5nil.default\prefs.js - sweetim.toolbar.previous.keyword.URL: chrome://packardbell-partner/locale/partner.properties

.

TROUVÉ: C:\Users\Carine\..\8vyu5nil.default\prefs.js - user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");

TROUVÉ: C:\Users\Carine\..\8vyu5nil.default\prefs.js - user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");

TROUVÉ: C:\Users\Carine\..\8vyu5nil.default\prefs.js - user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");

TROUVÉ: C:\Users\Carine\..\8vyu5nil.default\prefs.js - user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");

TROUVÉ: C:\Users\Carine\..\8vyu5nil.default\prefs.js - user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");

TROUVÉ: C:\Users\Carine\..\8vyu5nil.default\prefs.js - user_pref("sweetim.toolbar.mode.debug", "false");

TROUVÉ: C:\Users\Carine\..\8vyu5nil.default\prefs.js - user_pref("sweetim.toolbar.previous.keyword.URL", "chrome://packardbell-partner/locale/partner.properties");

TROUVÉ: C:\Users\Carine\..\8vyu5nil.default\prefs.js - user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"p=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.sweetim.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://*.live.*/*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://*youtube.com/\" param=\"search_query=\" /><EXTERNAL_SEARCH engine=\"hxxp://*.ebay.*/search/*\" param=\"satitle=\" /><EXTERNAL_SEARCH engine=\"hxxp://*.amazon.com/s/*\" param=\"field-keywords=\" /></TOOLBAR>");

TROUVÉ: C:\Users\Carine\..\8vyu5nil.default\prefs.js - user_pref("sweetim.toolbar.search.history.capacity", "10");

TROUVÉ: C:\Users\Carine\..\8vyu5nil.default\prefs.js - user_pref("sweetim.toolbar.simapp_id", "{46AB1828-FD73-11DC-88E3-001060D1546C}");

TROUVÉ: C:\Users\Carine\..\8vyu5nil.default\prefs.js - user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com");

TROUVÉ: C:\Users\Carine\..\8vyu5nil.default\prefs.js - user_pref("sweetim.toolbar.version", "1.0.0.8");

.

* Internet Explorer Version 8.0.6001.18904 *

.

[HKCU\Software\Microsoft\Internet Explorer\Main]

.

Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157

Do404Search: 0x01000000

Enable Browser Extensions: yes

Local Page: C:\Windows\system32\blank.htm

Search Page: hxxp://www.google.com

Show_ToolBar: yes

Start Page: hxxp://www.google.fr/

Use Search Asst: no

.

[HKLM\Software\Microsoft\Internet Explorer\Main]

.

AutoHide: yes

Default_Page_URL: hxxp://fr.yahoo.com

Default_Search_URL: hxxp://fr.rd.yahoo.com/customize/ie/defaults/su/msgr9/*hxxp://fr.search.yahoo.com

Delete_Temp_Files_On_Exit: yes

Local Page: C:\Windows\System32\blank.htm

Search Page: hxxp://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*hxxp://fr.search.yahoo.com

Start Page: hxxp://home.sweetim.com

.

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]

.

Tabs: res://ieframe.dll/tabswelcome.htm

Blank: res://mshtml.dll/blank.htm

.

========================================

.

C:\Ad-Remover\Quarantine: 0 Fichier(s)

C:\Ad-Remover\Backup: 1 Fichier(s)

.

C:\Ad-Report-SCAN[1].txt - 9500 Octet(s)

.

Fin à: 10:32:08, 08/06/2010

.

============== E.O.F - SCAN[1] ==============

et le second :

.

======= RAPPORT D'AD-REMOVER 2.0.0.0,D | UNIQUEMENT XP/VISTA/7 =======

.

Mis à jour par C_XX le 19/05/10 à 19:20

Contact: AdRemover.contact@gmail.com

Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html

.

Lancé à: 10:32:51 le 08/06/2010 | Mode normal | Option: CLEAN

Exécuté de: C:\Ad-Remover\ADR.exe

SE: Microsoft® Windows Vista™ Édition Familiale Premium (Service Pack 2 - X86)

Nom du PC: PC-DE-CARINE (PACKARD BELL BV EasyNote_SJ81)

Utilisateur actuel: Carine

.

============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============

.

C:\Program Files\GamesBar

C:\Program Files\iWin Games

C:\Program Files\SweetIM

C:\ProgramData\iWin

C:\ProgramData\iWin Games

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iWin Games

C:\ProgramData\Trymedia

C:\Users\Carine\AppData\Local\Temp\iWinGames

C:\Users\Carine\AppData\LocalLow\SweetIM

C:\Users\Carine\AppData\Roaming\iWin

C:\Users\Carine\AppData\Roaming\Mozilla\FireFox\Profiles\8vyu5nil.default\searchplugins\sweetim.xml

C:\Users\Carine\AppData\Roaming\Mozilla\FireFox\Profiles\8vyu5nil.default\SweetIMToolbarData

C:\Users\Carine\Desktop\SweetImSetup.exe

C:\Users\Public\Desktop\Play iWin Games.lnk

C:\Users\Public\Documents\iWin

C:\Windows\Downloaded Program Files\Popcaploader.dll

C:\Windows\Downloaded Program Files\Popcaploader.inf

(!) -- Fichiers temporaires supprimés.